NetWitness Community

sravan.koneti · 2022-03-06

Hi @socuser , This grouping works as expected as each incident has 1000 alerts. rsa.respond.alertrule.batch-size=1000 value decides how many alerts are part of each incident. https://community.netwitness.com/t5/netwitness-platform-online/respond-serv...

sravan.koneti · 2022-03-06

Hi @socuser , You will have to stop aggregation during this data transfer to the new NAS. make sure all packetdb,metadb,sessiondb, index contents are copied over to the new NAS. Then update the configuration of Archiver with new NAS directories for m...

sravan.koneti · 2022-03-03

Hi @danielhong , Please reach out support over phone using https://community.netwitness.com/t5/support-information/how-to-contact-netwitness-support/ta-p/563897

sravan.koneti · 2022-03-03

Hi @danielkrycki1 , Please reach out support over phone using https://community.netwitness.com/t5/support-information/how-to-contact-netwitness-support/ta-p/563897

sravan.koneti · 2021-10-22

Hi @Sachin , Please use show syntax button to see Rule logic in EPL.

NetWitness Community

User Statistics

User Activity

Re: Alert is not Grouping Properly as Incident

Re: Ship Archiver Data to New NAS

Re: Access denied for downloads and case portal

Re: Access Denied

Re: Rule Format Conversation